/*
 * Class to interact with Administration GUI
 * 
 */
package acc;

import entity.User;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

/**
 *
 * @author Haitm
 */
public class AdministrationInteraction {

    // insert new user *********
    public static String insertUser(User user) {

        PassEncrypt p = new PassEncrypt();
        String mess = "";
//        String sql1 = "insert into [User] values (?, ?, ?, ?, ?, ?, ?, ?)";
//        String sql2 = "insert into Permission values (?, ?)";
//        try {
//            PreparedStatement prs = DataInteraction.connect().prepareStatement(sql1);
//            prs.setString(1, user.getUserID());
//            prs.setString(2, user.getUserName());
//            prs.setString(3, p.encryptPass(user.getPassword()));
//            prs.setString(4, user.getFullName());
//            prs.setString(5, user.getGender());
//            prs.setDate(6, user.getDateOfBirth());
//            prs.setString(7, user.getAddress());
//            prs.setString(8, user.getEmail());
//            prs.executeUpdate();
//            PreparedStatement prs2 = DataInteraction.connect().prepareStatement(sql2);
//            prs2.setString(2, user.getUserID());
//            prs2.setString(1, user.getGroupID());
//            prs2.executeUpdate();
//        String sql2 = "insert into [Group] values (?, ?, ?)";
        String sql1 = "insert into [User] values (?, ?, ?, ?, ? , ?, ?, ?, ?, ?, ?,?)";

        try {
//            PreparedStatement prst2 = DataInteraction.connect().prepareStatement(sql2);
//            prst2.setString(1, user.getGroupID());
//            prst2.setString(2, user.getGroupName());
//            prst2.setString(3, user.getPermission());
//            prst2.executeUpdate();
            PreparedStatement prst = DataInteraction.connect().prepareStatement(sql1);
            prst.setString(1, user.getUserID());
            prst.setString(2, user.getUserName());
            prst.setString(3, p.encryptPass(user.getPassword()));
            prst.setString(4, user.getGroupID());
            prst.setString(5, user.getFirstName());
            prst.setString(6, user.getLastName());
            prst.setString(7, user.getGender());
            prst.setDate(8, user.getDateOfBirth());
            prst.setString(9, user.getEmail());
            prst.setString(10, user.getPhone());
            prst.setString(11, user.getAddress());
            prst.setString(12, "True");
            prst.executeUpdate();

            mess = "Create Successfully";
        } catch (SQLException ex) {
            ex.printStackTrace();
            mess = "Create Fail";
        }
        return mess;
    }

    //update an existed user **********
    public static String updateUser(User user) {
        PassEncrypt p = new PassEncrypt();
        String mess = "";
        int flag1 = DataInteraction.execQuery("update [User] set "
                + "   UserName = '" + user.getUserName()
//                + "', Password = '" + p.encryptPass(user.getPassword())
                + "',   FirstName = '" + user.getFirstName()
                + "', LastName = '" + user.getLastName()
                + "',   Phone = '" + user.getPhone()
//                + "', GroupID = '" + user.getGroupID()
//                +"', Phone = '" + user.getPhone()
                //                + "',   Permission = '" + user.getPermission()
                + "', Sex = '" + user.getGender()
                + "', Birthday = '" + user.getDateOfBirth()
                + "', Email = '" + user.getEmail()
                + "', Address =  '" + user.getAddress()
                + "'  where UserID like '" + user.getUserID() + "'");

//        int flag2 = DataInteraction.execQuery("update [Role] set "
//                + " Permission= '" + user.getPermission()
//                + "' where GroupID like '" + user.getGroupID() + "'");
//        int flag3 = DataInteraction.execQuery("update [Group] set"
//                + "', Permission =  '" + user.getPermission()
//                + "'where UserID like'" + user.getUserID());
        if (flag1 == 0) {
            mess = "Update fail";
        } else if (flag1 == -1) {
            mess = "SQL Exception";
        } else {
            mess = "Update successfully";
        }
        return mess;
    }

    public static String disable(User user) {
        String mess = "";
        int flag2 = DataInteraction.execQuery("update [User] set "
                + " Status = 0"
                + " where UserID like '" + user.getUserID() + "'");
        if (flag2 == 0) {
            mess = "Update fail";
        } else if (flag2 == -1) {
            mess = "SQL Exception";
        } else {
            mess = "Update successfully";
        }
        return mess;
    }

    //delete an user ****************
    public static String deleteUser(String userID) {
        String mess = "";
//        int flag1 = DataInteraction.execQuery("delete from [Role] where GroupID = '" + groupID + "'");
//        int flag3 = DataInteraction.execQuery("delete form [Group] where GroupID'" + groupID + "'");
        int flag2 = DataInteraction.execQuery("delete from [User] where  UserID = '" + userID + "'");

        if (flag2 == 0) {
            mess = "Delete fail";
        } else if (flag2 == -1) {
            mess = "SQL Exception";
        } else {
            mess = "Delete successfully";
        }
        return mess;
    }

    //Automatically create the User ID
    public static String createNewUserId() throws SQLException {
        String newId;
        String sql = "select top 1 substring(UserID,5,len(UserID)-4) from [User] order by UserID DESC";
        ResultSet rs = DataInteraction.createResultSet(sql);
        if (!rs.first()) {
            newId = "USER01";
        } else {
            String temp = rs.getString(1);
            int seq = Integer.parseInt(temp) + 1;
            if (temp.length() > 3) {
                newId = "USER" + seq;
            } else {
                newId = "USER00".substring(0, 6 - String.valueOf(seq).length()) + seq;
            }
        }
        return newId;
    }

    public static String enable(User user) {
        String mess = "";
        int flag2 = DataInteraction.execQuery("update [User] set "
                + " Status =  1"
                + " where UserID like '" + user.getUserID() + "'");
        if (flag2 == 0) {
            mess = "Update fail";
        } else if (flag2 == -1) {
            mess = "SQL Exception";
        } else {
            mess = "Update successfully";
        }
        return mess;
    }

    public static String changePass(String id, String pass) {
        String mess = "";
        int flag2 = DataInteraction.execQuery("update [User] set "
                + " Password =  '" + pass
                + "' where UserID like '" + id + "'");
        if (flag2 == 0) {
            mess = "Update fail";
        } else if (flag2 == -1) {
            mess = "SQL Exception";
        } else {
            mess = "Update successfully";
        }
        return mess;
    }

    public static String quickChangePass(String id) {
        PassEncrypt p = new PassEncrypt();
        String password = "12345678";
        String mess = "";
        int flag2 = DataInteraction.execQuery("update [User] set "
                + " Password = '"+p.encryptPass(password)
                + "' where UserID like '" + id + "'");
        if (flag2 == 0) {
            mess = "Update fail";
        } else if (flag2 == -1) {
            mess = "SQL Exception";
        } else {
            mess = "Update successfully";
        }
        return mess;
    }
}
